<?php
if( !defined( '_VALID_MOS' ) && !defined( '_JEXEC' ) ) die( 'Direct Access to '.basename(__FILE__).' is not allowed.' );
/**
* @version $Id: checkout.paybox_cc_form.php  V 1.2
* @package VirtueMart
* @subpackage html
* @author Fetsch Fabrice  <fabrice.fetsch(at)keoconcept.com>
* 				Val�rie Isaksen <valerie.isaksen@alatak.net>
* @copyright Copyright (C) 2004-2005 Soeren Eberhardt. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* The ps_paybox class, containing the payment processing code
*  for transactions with  PAYBOX Payment Gateways 
*
*  
*
*/
mm_showMyFileName( __FILE__ );

require_once(  CLASSPATH."payment/ps_paybox.cfg.php");
require_once(  CLASSPATH."payment/ps_paybox.php");
$PAYBOX_LANG =& new ps_paybox_Language();

global $mosConfig_absolute_path, $mosConfig_live_site, $mosConfig_lang, $ps_vendor_id , $vendor_country_2_code, $user;
global $VM_LANG, $Itemid;


$amount = $db->f("order_total")*100;

$url_ok = SECUREURL ."index.php?option=com_virtuemart&amp;page=checkout.paybox_result&amp;status=ok";
$url_cancelled =  SECUREURL ."index.php?option=com_virtuemart&amp;page=checkout.paybox_result&amp;status=cancel";
$url_deny = SECUREURL ."index.php?option=com_virtuemart&amp;page=checkout.paybox_result&amp;status=deny";
$url_error = SECUREURL."administrator/components/com_virtuemart/html/checkout.paybox_error.php";
// ajout URL http dynamique
$url_http = SECUREURL."paybox_url_http.php";
//$url_error = SECUREURL."paybox_error.php";
$url = PAYBOX_MOD_URL;
// On récupère la date au format ISO-8601
$datetime = date("c");

/*$post_variables = Array(
	"PBX_MODE" => "13" ,
	"PBX_TOTAL" => $amount ,
	"PBX_DEVISE" =>  PAYBOX_CURRENCY ,
	"PBX_DIFF" =>  PAYBOX_DIFF ,
	"PBX_CMD" =>  PAYBOX_PREFIX. "-" . $db->f("order_id") ,
	"PBX_PORTEUR" => $dbbt->f('user_email'),
	"PBX_EFFECTUE" =>   $url_ok ,
	"PBX_ANNULE" =>   $url_cancelled ,
	"PBX_REFUSE" =>  $url_deny ,
	"PBX_ERREUR" =>  $url_error,
	// variable url http
	"PBX_REPONDRE_A" => $url_http,
	"PBX_OPT" =>  CLASSPATH."payment/ps_paybox_local.txt" ,
	"PBX_RETOUR" => "transactionnum:S;bankauth:A;transactionid:T;vmref:R;amount:M;pbxerror:E"
);*/

$post_variables = Array(
"PBX_SITE" => PAYBOX_IBS_SITE ,
"PBX_RANG" => PAYBOX_IBS_RANK ,
"PBX_IDENTIFIANT" => PAYBOX_ID ,
"PBX_TOTAL" => $amount ,
"PBX_DEVISE" =>  PAYBOX_CURRENCY ,
"PBX_CMD" =>  PAYBOX_PREFIX. "-" . $db->f("order_id") ,
"PBX_PORTEUR" => $dbbt->f('user_email'),
"PBX_EFFECTUE" =>   $url_ok ,
"PBX_ANNULE" =>   $url_cancelled ,
"PBX_REFUSE" =>  $url_deny ,
//"PBX_ERRORCODETEST" => "00004",
"PBX_RETOUR" => "transactionnum:S;bankauth:A;transactionid:T;vmref:R;amount:M;pbxerror:E" ,
"PBX_HASH" => "SHA512",
"PBX_KEY" =>  PAYBOX_KEY ,
"PBX_HMAC" => '',
"PBX_TIME" => $datetime,
"PBX_REPONDRE_A" => $url_http
);


/*
// On zappe la page
if( $page == "checkout.thankyou" ) {
	$query_string = "?";
	foreach( $post_variables as $name => $value ) {
		$query_string .= $name. "=" . urlencode($value) ."&";
	}
	vmRedirect( $url . $query_string );
} else {
 
	echo '<form target="_blank" action="'.PAYBOX_MOD_URL.'" method="post">';
	echo '<input type="image" name="submit" src="'.IMAGEURL.'/payment/paybox.gif" border="0" alt="Paiement avec Paybox!">';

	foreach( $post_variables as $name => $value ) {
		echo '<input type="hidden" name="'.$name.'" value="'.$value.'" />';
	}
	echo '</form>';
}

<form method="GET" action="https://preprod-tpeweb.paybox.com/cgi/MYchoix_pagepaiement.cgi">
<input type="hidden" name="PBX_SITE" value="1999888">
<input type="hidden" name="PBX_RANG" value="32">
<input type="hidden" name="PBX_IDENTIFIANT" value="110647233">
<!-- Paramètres specifiques à la commande monnaie/devise/num-commande/emetteur -->
    <input type="hidden"  name="PBX_TOTAL" value="<?PHP echo $MONTANT;?>">
    <input type="hidden"  name="PBX_DEVISE" value="978">
    <input type="hidden"  name="PBX_CMD" value="webpneu-<?PHP echo $REFERENCE;?>">
    <input type="hidden"  name="PBX_PORTEUR" value="<?PHP echo $PORTEUR;?>">
    <input type="hidden"  name="PBX_EFFECTUE" value="http://78.229.232.145/~webpneu/index.php?option=com_virtuemart&page=checkout.paybox_result&status=ok">
    <input type="hidden"  name="PBX_ANNULE" value="http://78.229.232.145/~webpneu/index.php?option=com_virtuemart&page=checkout.paybox_result&status=cancel">
    <input type="hidden"  name="PBX_REFUSE" value="http://78.229.232.145/~webpneu/index.php?option=com_virtuemart&page=checkout.paybox_result&status=deny">
    <input type="hidden"  name="PBX_RETOUR" value="transactionnum:S;bankauth:A;transactionid:T;vmref:R;amount:M;pbxerror:E">

  <!-- Paramètres specifiques de Sécurité -->
  <input type="hidden" name="PBX_HASH" value="SHA512">
  <input type="hidden" name="PBX_TIME" value="<?PHP echo $datetime;?>">
  <input type="hidden" name="PBX_REPONDRE_A" value="http://78.229.232.145/~webpneu/paybox_url_http.php">
  <input type="hidden" name="PBX_HMAC" value="<?PHP echo $pbx_hmac;?>">
<input type="submit"   value="PAIEMENT">
</form>

*/

// On zappe la page
if( $page == "checkout.thankyou" ) {
	$query_string = "?";
	foreach( $post_variables as $name => $value ) {
		$query_string .= $name. "=" . urlencode($value) ."&";
	}
	//vmRedirect( $url . $query_string );
} else {
	$query_string = "";
	foreach( $post_variables as $name => $value ) {
		$query_string .= $name. "=" . urlencode($value) ."&";
	}
	//supprime le etcommercial à la fin
    # $etcommercial= "&";
	#echo 'querystring: '.$query_string = substr($query_string,0,strlen($query_string)-1);
	//fin suppression etcommercial
	$pbx_hash = "SHA512";
	// On récupère la clé secrète HMAC et que on renseigne dans la variable $keyTest;
	// Si la clé est en ASCII, On la transforme en binaire
	#$keyTest = "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF";
	$binKey = pack("H*", $post_variables['PBX_KEY']);
	// On calcule l’empreinte (à renseigner dans le paramètre PBX_HMAC) grâce à la fonction hash_hmac et // la clé binaire
	// On envoie via la variable PBX_HASH algorithme de hachage qui a été utilisé (SHA512 dans ce cas)
	#$hmac = strtoupper(hash_hmac($pbx_hash, $query_string, $binKey));
	$post_variables['PBX_HMAC'] = strtoupper(hash_hmac($pbx_hash, $query_string, $binKey));
	// La chaîne sera envoyée en majuscules, d où utilisation de strtoupper()
	// On crée le formulaire à envoyer à PAYBOX System
	// ATTENTION : ordre des champs est extrêmement important, il doit
	// correspondre exactement à ordre des champs dans la chaîne hachée
	#$pbx_hmac = $hmac;
	#$query_string = "?".$query_string."&PBX_HMAC=".$pbx_hmac ;
 
	echo '<form target="_blank" action="'.PAYBOX_MOD_URL.'" method="GET">';
	echo '<input type="image" name="submit" src="'.IMAGEURL.'/payment/paybox.gif" border="0" alt="Paiement avec Paybox!">';

	foreach( $post_variables as $name => $value ) {
		echo '<input type="hidden" name="'.$name.'" value="'.$value.'" />';
	}
	<input type="submit"   value="PAIEMENT">
	echo '</form>';
	 
}

?>

